VIRTUAL LOCAL AREA NETWORK 

Abstract of the Disclosure 
Users are enabled to network multiple customer premises equipment (CPE) devices 
together to form a virtual local area network (VLAN) among CPE devices that access the 
Internet through different cable modems. In a preferred embodiment, each VLAN is 
associated with a unique security association identifier (SAID), which enables a cable 
modem termination system (CMTS) to implement a secondary level of security in its routing 
procedures. As a result, data packets addressed to one or more members of a VLAN can be 
encrypted using the corresponding SAID such that access to the data packets is restricted 
only to members of the appropriate VLAN. 


Attorney Docket No. 100.643US01 


-13- 


